Snort d3.radial.cluster
Snort d3.radial.cluster

Last year (2016 end of year summary) was my year for stepping back into cyberspace situational awareness after a very long personal sabbatical.    Friends tell me it was good I took a long rest, enjoyed life and let technology catch up with the vision for CSA laid out in 1999 and 2000.    Now, around a half of an election year into my “get back up to speed” period, I’m finding that the technology to realize cyber situational awareness continues to dramatically lag the explosive growth of cyberspace.

There are serious speed bumps on the road to realizing cyberspace SA:

3D Visualization

The state-of-the-art of meaningful 3D visualization of big data sets, for example millions and millions (billions and billions) of nodes and edges representing cyberspace is far behind the explosive growth of cyberspace.   The clustering, filtering, and selection of subsets of this “humongous graph” we call cyberspace is beyond the capabilities of current technology.   For the most part, we all still live and work in a 2D computing environment.  However, the visualization of cyberspace requires 3D and even 4D if you consider time the 4th dimension.   Our tiny research team (currently Richard and I), continue to evaluate visualization engines, and it is obvious that all the visualization engines available to date are woefully inadequate for realizing cyberspace situational awareness.

Some might suggest that we back-end process this “humongous dynamic graph” more to take the load off the visualization requirements.  However, it has been proven time and time again, that for the foreseeable future, machines are just big calculators, doing as they are told, and we humans still need to tell them what do to.   AI and machine learning is not going to solve the problem; and even if it could someday (which is becoming more probable every year), we would have to ask ourselves “do we want some huge AI entities running a world we are too blind to see?”  

I think there is great danger ahead if we cannot see into this cyber world we are creating. For this reason, i will continue to look into how to visualize cyberspace in a meaning way, which leads to cyber situational awareness in 2017 and beyond.

Big Data Processing

As mentioned above, processing dynamic big data sets, for example data sets millions and millions (billions and billions) of nodes and edges is now possible.  Advances in distributed processing of batch data on top of distributed file systems continues to show promise   Clustering, filtering, selection, enrichment and processing of subsets of cyberspace is possible; but again we  humans must visualize the results in order to refine the process.  After all, we want humans running the world, not machines created by humans, I think. We humans need to visualize what we are designing.  So, while advances in Big Data are promising, the technology to meaningfully visualize the results so we can refine our algorithms and designs are way,way behind.   None of the “Big Data” solutions on the horizon show a capability to visualize big data in a way which is keeping up with the explosive growth of cyberspace.

Our Personal Mortality

Honestly, I’m getting older (we all are….).   Twenty years have passed since my original work on cyber situational awareness.  We are making progress, but the technology to realize CSA is far behind the explosive growth of cyberspace.   Now, everyone says “cyber cyber cyber”, all the media talking-heads, US Presidential candidates – I mean everyone talks and tweets cyber.   However, like a rapidly spreading cancer, cyber grows out-of-control and we humans are limping along trying to catch up.  People do not seem to realize that this cancer is growing in our world.  Cyberspace is growing exponentially.  We can’t even see it! We have little to no idea what is going on inside of it.  We don’t even know for sure how to model and represent it.  (I have some ideas, but they are not easy to implement with current technology!)

This cancerous growth is having unintended consequences that range from unforeseen influences in democratic elections to “tweet wars” by world leaders about using nukes.  Fake news and misinformation pollute everyone’s hearts and minds who come into contact with it.  All of this cognitive-pollution is an unforeseen consequence of the self- organizing nature of complex systems made by humans.   It’s not a vast conspiracy by a room full of oligarchs as the crazy conspiracy theorist rant and rave about; it is simply a consequence of the way complex systems self-organize.  The problem is we are not talking about weather, bees swarming, butterflies flapping their wings, or the growth of plants and flower pedals, nor are we talking about the evolution of a chimpanzee to walk upright on two legs.  We are talking about a world, a cyber world, created with both good and evil human intentions.  This is scary stuff and we have only seen this cancerous growth for a few short decades.

Remember the story of SkyNet in the Terminator movies?   Well, SkyNet was designed to protect humans and bring peace to the world.  Then, SkyNet became so smart, it’s AI so advanced, that SkyNet (the movie) realized that humans were the true threat to the planet – Humans!    There seems more truth to this than fiction these days.   If we have truly advanced AI running the planet, do you think the “AI Powers to Be” would think very highly about the horrible things humans do to each other and do to the planet we live on.  We humans are the biggest danger to this planet – not tigers and swarming bees; just read the news, friends.   Well, we can’t help but “read the news“, we are bombarded by 24 hour news on cable TV and on our personal phones, social networks and computers.  It’s a mad-mad-mad world, and I’m not convinced that cyberspace SA will be only used “for good” by humans.  Think about it.

It’s the Visualization

I find it troubling that the explosion of mobile computing and social networking has caused a slow down in desktop computing.   For example, for most 3D game developers, a Mac is not a option these days (and I am a huge Mac lover).   The graphics cards used in the current generation of Macs are considered so far behind the times, that game developers tend to only recommend Windows.   If you research this on the net, you will read that even die-hard Apple fans find they need to ditch their Macs to develop 3D games smoothly.   These “developer frustrations” say a lot, to me at least, about the sad state of desktop and personal computing.

Then, we see the world is preoccupied with terrorists, fighting them, and killing them.   This is very expensive.   While governments fight one cancer (terrorism) another cancer grows (unforeseen cyberspace consequences).  By the time one cancer is eradicated, another, more powerful cancer may have taken over our daily lives – if it has not already.

There are these huge speed bumps in the long road to realize true cyberspace situational awareness.  Cyberspace has grown so far so fast in such a short time, that all of us have little to no control over the unforeseen consequences this brings to our lives.    Would a sane society create a system which they cannot hope to control or even visualize?  Think about it.

Note:  The featured image in this post is a D3 clustered radial tree view I made on a very quiet holiday of filtered intrusion detection sensor data (some would call these “attacks” but I would not go so far as to say that, but it’s definitely a result of malicious software scans, etc. at a minimum) on a single server.   One server.   Imagine the world of servers and cyberspace in general……